Private key management is the Achilles' heel of blockchain applications. The loss of a private key is a single point of failure. Indeed, most of us have heard nightmare stories of users losing their private key and, with it, all of their crypto assets, never to be recovered. Sound key management practices are critical for maintaining blockchain account access, and making that access easier while keeping it safe is critical for mainstream blockchain adoption.
The Perils of Managing Private Keys
In the crypto world, some progress is being made with custodial services that protect users from theft of their private keys and assets. For example, third parties such as the recently launched Bakkt provide custodial services and insurance of up to $125,000,000 in order to support bitcoin futures trading.
But most service providers supporting blockchain applications simply retain custody of user private keys, which users typically unlock with a password, and provide no insurance against theft. This situation concerns those providers because they become the single point of failure for their customers' system access should they lose control of the private keys. These worries are justified — this is exactly what played out during breaches of cryptocurrency accounts, where criminals gained control of the private keys that govern access to those accounts.
There are wallet technologies that support user custody and recovery using a self-managed private key, but for most users they are far too complicated, and blockchain application operators do not impose them on their users for fear of driving them away. See How to Mitigate or Prevent Ransomware Attacks that Demand Payment in Cryptocurrency for an analysis of the benefits and challenges of different blockchain wallet options.
Blockchain Data Security DOES NOT EQUAL Blockchain Data Access Security
Many market observers confuse blockchain data security with the security of ACCESS to blockchain data. The two dimensions are radically different. While blockchain data is securely and immutably stored, bad actors can gain access to those data (often crypto assets) by hijacking centrally maintained private user keys using age-old hacking techniques. These techniques – for example SIM swapping or browser session hijacking – have for years helped criminals gain unauthorized access to bank accounts, credit reports, sensitive personal information, intellectual property belonging to private organizations, and pretty much anything else they wanted to get their cyber hands on.
Hundreds of millions of dollars' worth of crypto assets have been stolen using these very same cyber bank-robbery techniques. Current implementations of key management — where private keys are centrally maintained — almost negate the benefits of the secure cryptographic access that those keys enable.
Multiparty computation (MPC) addresses this significant problem using clever and secure mathematical algorithms that can sign blockchain transactions without ever using a single, complete private key. Multiple parties work together to execute a transaction through a secure cryptographic operation in which each party contributes only its own share. In our latest Cool Vendors in Blockchain Security and Privacy report, we profile two emerging vendors — Curv and Unbound — that provide MPC key management and execution. (Sepior is a third vendor we have recently learned of that also supports MPC.)
MPC is gaining notable traction today, mainly with cryptocurrency exchanges that use these solutions for their own system and employee access. Over time, they should make these solutions directly available to their customers and extend them to a wide range of permissioned enterprise blockchain use cases.
Key challenge with MPC
MPC's key challenge is that most users don't want multiple parties to sign a particular transaction, as MPC requires. Most users are not ready, able or interested in supporting multiple sign-offs on any given transaction. Users can assign a server to be the second party to their transaction signature, but that can defeat the security purpose of having multiple (human) parties participate.
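To make concrete what "signing without a complete private key" means, and what the user-plus-server arrangement looks like, here is an added illustration in Python. It is not code from the original post or from any of the vendors named above. It implements a toy two-party Schnorr-style signing protocol over secp256k1 (the curve used by Bitcoin and Ethereum): a user device and a co-signing server each hold an additive share of the signing key, each produces a partial signature from its own share, and the combined signature verifies under the joint public key even though the full private key is never assembled anywhere. The party names, the sample message and the scheme itself are assumptions made for this example; it is a 2-of-2 illustration rather than the general t-of-n threshold ECDSA that MPC wallet products implement, and it omits the commit-then-reveal round and key-aggregation protections that production protocols add to protect an honest signer from a misbehaving co-signer.

```python
"""Toy 2-of-2 MPC signing over secp256k1 (constructed example, not a vendor's protocol)."""
import hashlib
import secrets

# secp256k1 domain parameters (public constants of the curve used by Bitcoin/Ethereum)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of G
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def on_curve(point) -> bool:
    """y^2 == x^3 + 7 (mod P); the point at infinity is represented as None."""
    if point is None:
        return True
    x, y = point
    return (y * y - (x * x * x + 7)) % P == 0


def ec_add(a, b):
    """Affine point addition on secp256k1; None is the identity (point at infinity)."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2:
        if (y1 + y2) % P == 0:          # a == -b
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P   # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P     # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k: int, point):
    """Double-and-add scalar multiplication k * point."""
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def challenge(R, Y, message: bytes) -> int:
    """Fiat-Shamir challenge e = H(R.x || Y.x || m) reduced mod N."""
    data = R[0].to_bytes(32, "big") + Y[0].to_bytes(32, "big") + message
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


class Party:
    """A signer that holds only its own additive key share x_i.

    The joint private key x = sum(x_i) mod N is never computed by anyone;
    only the joint public key Y = sum(x_i * G) is published.
    """

    def __init__(self, name: str):
        self.name = name
        self._share = secrets.randbelow(N - 1) + 1      # x_i, kept private
        self.pub_share = ec_mul(self._share, G)         # X_i = x_i * G, published
        self._nonce = None

    def commit(self):
        """Round 1: choose a fresh nonce k_i and publish R_i = k_i * G."""
        self._nonce = secrets.randbelow(N - 1) + 1
        return ec_mul(self._nonce, G)

    def partial_sign(self, R, Y, message: bytes) -> int:
        """Round 2: s_i = k_i + e * x_i mod N, computed from this party's share only."""
        if self._nonce is None:
            raise RuntimeError(f"{self.name}: commit() must precede partial_sign()")
        e = challenge(R, Y, message)
        s_i = (self._nonce + e * self._share) % N
        self._nonce = None                              # a nonce is used exactly once
        return s_i


def joint_public_key(parties):
    """Y = sum of the parties' public shares (= x * G for the never-assembled x)."""
    Y = None
    for party in parties:
        Y = ec_add(Y, party.pub_share)
    return Y


def mpc_sign(parties, message: bytes):
    """Run both rounds: aggregate the nonce commitments, then the partial signatures."""
    Y = joint_public_key(parties)
    R = None
    for R_i in [party.commit() for party in parties]:
        R = ec_add(R, R_i)
    s = sum(party.partial_sign(R, Y, message) for party in parties) % N
    return R, s


def verify(Y, message: bytes, signature) -> bool:
    """Standard Schnorr check: s * G == R + e * Y."""
    R, s = signature
    e = challenge(R, Y, message)
    return ec_mul(s, G) == ec_add(R, ec_mul(e, Y))


if __name__ == "__main__":
    # Constructed scenario: the user's device and a co-signing server, as in the post.
    user = Party("user device")
    server = Party("co-signing server")
    Y = joint_public_key([user, server])
    tx = b"constructed sample transaction: send 0.1 BTC to <placeholder address>"
    sig = mpc_sign([user, server], tx)
    print("joint signature verifies under the joint key:", verify(Y, tx, sig))
```

The point to notice is where the key material lives: each `Party` only ever reads its own `_share`, and `verify` needs only the joint public key, so a compromise of the user's device or of the server alone yields one share and one partial signature, neither of which validates under the joint key. This is also why the post's caveat holds: if the server's share is controlled by whoever already controls the user's login, the second party adds no independent check, and the arrangement is only as strong as the weaker of the two custodians.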
We need a better alternative to private keys as a single point of failure. MPC starts to give us one.